1.3.3 이전 버전의 해당 취약점 요약
Multiple directory traversal vulnerabilities in the mod_site_misc module in ProFTPD before 1.3.3c allow remote authenticated users to create directories, delete directories, create symlinks, and modify file timestamps via directory traversal sequences in a (1) SITE MKDIR, (2) SITE RMDIR, (3) SITE SYMLINK, or (4) SITE UTIME command.
1.3.3c 변경점
-------------
+ Fixed Telnet IAC stack overflow vulnerability (ZDI-CAN-925)
+ Fixed directory traversal bug in mod_site_misc
+ Fixed SQLite authentications using "SQLAuthType Backend"
관련 링크 :
http://proftpd.org/docs/RELEASE_NOTES-1.3.3c
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3867
'News' 카테고리의 다른 글
| Samba 3.4.11 release (0) | 2011.01.25 |
|---|---|
| ProFTPD 1.3.4rc1, 1.3.3d release (0) | 2010.12.26 |
| ModSecurity 2.5.13 release (0) | 2010.12.01 |
| XE 1.4.4.2 배포 (0) | 2010.12.01 |
| Rootkit Hunter release 1.3.8 (0) | 2010.11.17 |